Security Experts Warn of Gadhafi Malware Threat

The death of Colonel Gadhafi is likely to see a surge in malware attacks, security experts warned Thursday. The first attacks are likely to be via social media and later via search engines.

Graham Cluley, Senior Technology Consultant for Sophos, said the company would expect to see malicious links circulating following Gadhafi's death.

“When Osama bin Laden died there were links spreading on Facebook that were ‘see the secret video footage of his shooting’ type,” he said. These were links to malware sites.

“It is going to be a huge news story and the criminals know there will be people hungry for news and may click on links without thinking about it.

“We have already seen links being distributed on Twitter and people clicking on them without thinking about it.” So far, said Mr. Cluley, they had not seen any malware links.

Mr. Cluley said it was likely that the attacks would be spread first via social networking sites.

“It takes more work to get their results up high on the search engines.”

The aim is either to drive unwitting users to malware sites where their machines can be infected, or to phish users into revealing information such as their Facebook username and password.

According to Moscow-based Kaspersky Lab, the death of Osama bin Laden provided an opportunity for malware vendors to poison links. Sites poisoned with Trojan.Win32.FakeAV.cvoo rogueware were available through Google’s image search.

Cyber criminals have to work quickly as the window of opportunity is not open for long. Facebook actively monitors for malware links. A spokesperson for Facebook said in an emailed comment:

“We’ve built numerous defenses to combat spam, phishing, and malware, including complex automated systems that work behind the scenes to detect and flag Facebook accounts that are likely to be compromised (based on anomalous activity like lots of messages sent in a short period of time, or messages with links that are known to be bad).

“Once we detect a phony message, we delete all instances of that message across the site.

“We also block malicious links from being shared and work with third parties to get phishing and malware sites added to browser blacklists or taken down completely.”

Facebook announced earlier this month that it had partnered with Websense to protect users against malware links.

Comments (1 of 1)

Thanks for the warning Ben. Social media allows hackers to take advantage of the trust between friends to spread malware attacks through seemingly safe content. With social media being used on company computers, corporate networks are at an increased risk for data breach. Having a social networking use policy is quite important, as is having the security infrastructure to prevent an attack. Corporations must ensure network layer Data Leakage Prevention (DLP) to prevent the outflow of user/corporate data. Our company Wedge Networks has been working towards solutions such as these for years, to prevent the good things from flowing out and the bad things from coming in.

About Tech Europe

Tech Europe covers Europe’s technology leaders, their companies, and the people and industries that support them — and their ideas. The blog is edited by Ben Rooney, with contributions from The Wall Street Journal and Dow Jones Newswires.